An IT security expert says New Zealand organisations may have been caught up in a sophisticated global ransomware attack.
The attack came to light early yesterday, hitting a Miami-based IT company, Kaseya, and infiltrating companies using that firm’s software.
Daniel Ayers said this sort of “supply chain” attack is significant and there are a number of IT service providers in New Zealand that use Kaseya.
“There’s been information released on the internet that there are people affected in New Zealand. Some of the anti-virus providers have released information that they have seen detections in New Zealand.”
Ayers said the timing of the attack means some companies may not discover they are affected until they start work tomorrow morning.
Local tech company Datacom said it has shut down its servers that use Kaseya software after the attack.
A spokesperson for the company said it had been decommissioning the software, even before yesterday’s attack.
It has been monitoring the situation for its customers and has not found any sign of incursions.
The cyber-security watchdog CertNZ is advising organisations using Kaseya to shut down those servers.
Kaseya provides IT management software for Managed Service Providers (MSPs) and small to mid-sized businesses (SMBs) – linking clients and partners in New Zealand.
Kaseya has previously publicised its links to New Zealand-based CodeBlue and other Australasian IT companies, including BigAir, Datacom, eNerds, Leap Consulting, Surety IT and Ricoh Australia.
President Joe Biden has directed US intelligence agencies to investigate who was behind the attack that also hit hundreds of American businesses.
As well, 500 Coop supermarket stores in Sweden have been forced to close.
Coop Sweden said it closed more than half of its 800 stores on Friday after point-of-sale tills and self-service checkouts stopped working.
Security firm Huntress said it believed the Russia-linked REvil ransomware gang was to blame for the latest ransomware outbreak. Last month, the FBI blamed the same group for paralysing meat packer JBS.
In a statement, the US Cybersecurity and Infrastructure Security Agency said it was “taking action to understand…